package com.my.shrio.ctrl;

import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.ExpiredCredentialsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
//import org.springframework.ui.Model;
//import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import com.my.shrio.entiy.User;

@Controller
public class LoginCtrl {

	@RequestMapping(value="/user")
    public String loginForm(Model model){
        model.addAttribute("user", new User());  
        return "/login";  
    }
	
    @RequestMapping(value="/login")
    public String login(User user){
        try {
            //使用权限工具进行用户登录，登录成功后跳到shiro配置的successUrl中，与下面的return没什么关系！  
            SecurityUtils.getSubject().login(new UsernamePasswordToken(user.getUsername(), user.getPassword()));  
            return "/user";
        } catch (AuthenticationException e) {
        	e.printStackTrace();
            return "redirect:/403";
        }  
    }  
    @RequestMapping(value="/dologin")    
    public String dologin(HttpServletRequest request, Model model){   
    	String msg = "";  
        String userName = request.getParameter("userName");  
        String password = request.getParameter("password");  
        System.out.println(userName);  
        System.out.println(password);  
        UsernamePasswordToken token = new UsernamePasswordToken(userName, password);  
        token.setRememberMe(true);  
        Subject subject = SecurityUtils.getSubject();  
        try {  
            subject.login(token);  
            if (subject.isAuthenticated()) {  
                return "redirect:/";  
            } else {  
                return "login";  
            }  
        } catch (IncorrectCredentialsException e) {  
            msg = "登录密码错误. Password for account " + token.getPrincipal() + " was incorrect.";  
            model.addAttribute("message", msg);  
            System.out.println(msg);  
        } catch (ExcessiveAttemptsException e) {  
            msg = "登录失败次数过多";  
            model.addAttribute("message", msg);  
            System.out.println(msg);  
        } catch (LockedAccountException e) {  
            msg = "帐号已被锁定. The account for username " + token.getPrincipal() + " was locked.";  
            model.addAttribute("message", msg);  
            System.out.println(msg);  
        } catch (DisabledAccountException e) {  
            msg = "帐号已被禁用. The account for username " + token.getPrincipal() + " was disabled.";  
            model.addAttribute("message", msg);  
            System.out.println(msg);  
        } catch (ExpiredCredentialsException e) {  
            msg = "帐号已过期. the account for username " + token.getPrincipal() + "  was expired.";  
            model.addAttribute("message", msg);  
            System.out.println(msg);  
        } catch (UnknownAccountException e) {  
            msg = "帐号不存在. There is no user with username of " + token.getPrincipal();  
            model.addAttribute("message", msg);  
            System.out.println(msg);  
        } catch (UnauthorizedException e) {  
            msg = "您没有得到相应的授权！" + e.getMessage();  
            model.addAttribute("message", msg);  
            System.out.println(msg);  
        }
        return "/user";
    }
    @RequestMapping(value="/logout")    
    public String logout(RedirectAttributes redirectAttributes){
        //使用权限管理工具进行用户的退出，跳出登录，给出提示信息  
        SecurityUtils.getSubject().logout();
        redirectAttributes.addFlashAttribute("message", "您已安全退出"); 
        return "redirect:/login";
    }
      
    @RequestMapping("/403")
    public String unauthorizedRole(){  
        return "/403";
    }
}
